system info

Haraka | Haraka.js — Version: 2.8.28 --- | :---
Node | v18.10.0
OS | Linux vps 5.10.117 #1-vpsAdminOS SMP Sat May 21 14:03:07 UTC 2022 x86_64 GNU/Linux
openssl | OpenSSL 1.1.1q 5 Jul 2022

Expected behavior

Mail should pass through no matter what headers are added.

Observed behavior

Since rspamd v 3.3 many of messages generate error when adding email headers after checking the messages with rspamd.
This plugin is no longer usable when it's configured to add headers.
This is the log I'm getting:

Oct 07 12:14:22 vps node[1642317]: [CRIT] [-] [core] TypeError: Cannot read properties of undefined (reading 'replace')
Oct 07 12:14:22 vps node[1642317]: [CRIT] [-] [core]     at Header.add_end (/usr/lib/node_modules/Haraka/mailheader.js:152:23)
Oct 07 12:14:22 vps node[1642317]: [CRIT] [-] [core]     at Transaction.add_header (/usr/lib/node_modules/Haraka/transaction.js:212:21)
Oct 07 12:14:22 vps node[1642317]: [CRIT] [-] [core]     at /usr/lib/node_modules/Haraka/node_modules/haraka-plugin-rspamd/index.js:193:40
Oct 07 12:14:22 vps node[1642317]: [CRIT] [-] [core]     at Array.forEach (<anonymous>)
Oct 07 12:14:22 vps node[1642317]: [CRIT] [-] [core]     at exports.do_milter_headers (/usr/lib/node_modules/Haraka/node_modules/haraka-plugin-rspamd/index.js:188:46)
Oct 07 12:14:22 vps node[1642317]: [CRIT] [-] [core]     at IncomingMessage.<anonymous> (/usr/lib/node_modules/Haraka/node_modules/haraka-plugin-rspamd/index.js:257:24)
Oct 07 12:14:22 vps node[1642317]: [CRIT] [-] [core]     at IncomingMessage.emit (node:events:525:35)
Oct 07 12:14:22 vps node[1642317]: [CRIT] [-] [core]     at endReadableNT (node:internal/streams/readable:1359:12)
Oct 07 12:14:22 vps node[1642317]: [CRIT] [-] [core]     at process.processTicksAndRejections (node:internal/process/task_queues:82:21)

Steps to reproduce

Configure in rspand.ini
add_headers=always

Send your self an email and watch the logs.

I find this critical and I haven't managed to make a fix my-self.

The devDependency eslint-plugin-haraka was updated from 1.0.9 to 1.0.10.

🚨 View failing branch.

This version is covered by your current version range and after updating it in your project the build failed.

eslint-plugin-haraka is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.

Your Greenkeeper Bot 🌴

Version 1.0.24 of haraka-test-fixtures was just published.

This version is covered by your current version range and after updating it in your project the build failed.

haraka-test-fixtures is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.

Your Greenkeeper Bot 🌴

system info

Expected behavior

in config/rspamd.ini:
rmilter_headers.enabled=true

I expect headers from rspamd in the mail, for example "Authentication-Results" coming from SPF+DKIM+DMARC checks in rspamd.

Observed behavior

No "Authentication-Results" header found in the mail.

system info

Haraka | Haraka.js — Version: 3.0.1
 --- | :--- 
Node | v14.21.3
OS | Linux <redacted> 5.15.0-60-generic #66-Ubuntu SMP Fri Jan 20 14:29:49 UTC 2023 x86_64 GNU/Linux
openssl | OpenSSL 1.1.1n  15 Mar 2022

Expected behavior

connection.transaction.results.get('rspamd') should be defined.

Observed behavior

connection.transaction.results.get('rspamd') is not defined.

Steps to reproduce

This happens for me since 1.3.0. The rspamd transaction result isn't defined, for instance in the watch plugin and in our own plugins.

DEBUG] [-] [watch]  skip="rspamd not found"

Reverting to 1.2.0 resolves the issue. I tried tracking down the exact issue and suprisngly it's because of the change from a forEach to a for of in get_clean:

37d9067#diff-e727e4bdf3657fd1d798edcd6b099d6e092f8573cba266154583a746bba0f346L383-R396

Specifically, it seems that the if (data[b].length) inside the loop returns more often since the change. It's unclear to me why this change affects anything, as far as I know it should be identical.

Please, add support tempfail action when rspamd not available.

In postfix have next config: milter_default_action = tempfail

The devDependency eslint-plugin-haraka was updated from 1.0.11 to 1.0.12.

🚨 View failing branch.

This version is covered by your current version range and after updating it in your project the build failed.

eslint-plugin-haraka is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.

Your Greenkeeper Bot 🌴

system info

Haraka | Haraka.js — Version: 2.8.21
 --- | :--- 
Node | v10.8.0
OS | Linux vps.domain.tld 3.16.6-042stab127.46 #1 SMP Wed Mar 28 01:57:40 CEST 2018 x86_64 GNU/Linux
openssl | OpenSSL 1.1.0h  27 Mar 2018

Expected behavior

I'd like to check incoming emails via rspamd plugin. Most likelly this is a change in rspamd that this plugin should be able to get into account however I am unable to figure it out.
Previously I was running rspamd 1.7.1 and I have updated to rspamd 1.7.9 skipping minor updates that were released in between.

Observed behavior

Haraka gets the email, calls all the hooks, rspamd processes the messages but causes haraka to act on an undefined variable I guess.

[DEBUG] [28745188-9D90-4CC8-B4D4-3F39C7DE38C0.1] [core] running data_post hook in rspamd plugin
[DEBUG] [-] [core] addOCSP: not available
[NOTICE] [599041A5-D3FA-4C8E-B9C3-4558A2AAEC56] [core] connect ip=<ipv4AddressHere> port=43914 local_ip=<ipv4AddressHere> local_port=25
[DEBUG] [599041A5-D3FA-4C8E-B9C3-4558A2AAEC56] [core] running connect_init hooks
[DEBUG] [599041A5-D3FA-4C8E-B9C3-4558A2AAEC56] [core] running connect_init hook in early_talker plugin
[INFO] [599041A5-D3FA-4C8E-B9C3-4558A2AAEC56] [core] client [<ipv4AddressHere>] half closed connection
[DEBUG] [599041A5-D3FA-4C8E-B9C3-4558A2AAEC56] [core] client has disconnected
[DEBUG] [599041A5-D3FA-4C8E-B9C3-4558A2AAEC56] [core] running disconnect hooks
[DEBUG] [599041A5-D3FA-4C8E-B9C3-4558A2AAEC56] [core] client has disconnected
[DEBUG] [599041A5-D3FA-4C8E-B9C3-4558A2AAEC56] [core] running disconnect hook in tls plugin
[DEBUG] [599041A5-D3FA-4C8E-B9C3-4558A2AAEC56] [core] client has disconnected
[DEBUG] [599041A5-D3FA-4C8E-B9C3-4558A2AAEC56] [core]  hook=disconnect plugin=tls function=hook_disconnect params="" retval=CONT msg=""
[NOTICE] [599041A5-D3FA-4C8E-B9C3-4558A2AAEC56] [core] disconnect ip=<ipv4AddressHere> rdns="" helo="" relay=N early=N esmtp=N tls=N pipe=N errors=0 txns=0 rcpts=0/0/0 msgs=0/0/0 bytes=0 lr="" time=5.003
[INFO] [28745188-9D90-4CC8-B4D4-3F39C7DE38C0.1] [rspamd] action: no action, is_skipped: false, required_score: 15, score: -2.896589, time: 5.13
[CRIT] [-] [core] TypeError: value.replace is not a function
[CRIT] [-] [core]     at Header.add_end (/usr/lib/node_modules/Haraka/mailheader.js:164:23)
[CRIT] [-] [core]     at Transaction.add_header (/usr/lib/node_modules/Haraka/transaction.js:154:21)
[CRIT] [-] [core]     at Object.keys.forEach (/usr/lib/node_modules/Haraka/node_modules/haraka-plugin-rspamd/index.js:181:36)
[CRIT] [-] [core]     at Array.forEach (<anonymous>)
[CRIT] [-] [core]     at Plugin.exports.do_milter_headers (/usr/lib/node_modules/Haraka/node_modules/haraka-plugin-rspamd/index.js:180:46)
[CRIT] [-] [core]     at IncomingMessage.res.on (/usr/lib/node_modules/Haraka/node_modules/haraka-plugin-rspamd/index.js:240:24)
[CRIT] [-] [core]     at IncomingMessage.emit (events.js:187:15)
[CRIT] [-] [core]     at endReadableNT (_stream_readable.js:1081:12)
[CRIT] [-] [core]     at process._tickCallback (internal/process/next_tick.js:63:19)
[NOTICE] [-] [core] Shutting down

Steps to reproduce

# config/plugins
early_talker
helo.checks
tls
ldap
mail_from.is_resolvable
bounce
data.headers
attachment
queue/lmtp
limit

# config/rspamd.ini
add_headers=always

[check]
authenticated=true
private_ip=true

[reject]
authenticated=true

[dkim]
enabled=false

And then make sure incoming email kicks in.

Version 10 of Node.js (code name Dubnium) has been released! 🎊

To see what happens to your code in Node.js 10, Greenkeeper has created a branch with the following changes:

• Added the new Node.js version to your .travis.yml

If you’re interested in upgrading this repo to Node.js 10, you can open a PR with these changes. Please note that this issue is just intended as a friendly reminder and the PR as a possible starting point for getting your code running on Node.js 10.

Your Greenkeeper Bot 🌴

system info

Expected behavior

Haraka/rspamd system (Feb 26) built prior to latest commit work. Two systems build since the latest commit error: timeout

Observed behavior

grep rspamd /jails/haraka/var/log/maillog

Mar 12 01:07:22 haraka haraka[31803]: [ERROR] [7DE668FD-0437-4238-9D82-DD6DCB721822.1] [rspamd] timeout
Mar 12 01:23:01 haraka haraka[32069]: [ERROR] [28013C17-C01A-4F25-828D-09F553A75695.1] [rspamd] timeout
Mar 12 02:10:42 haraka haraka[31803]: [ERROR] [268DD36C-3285-4942-BF77-400F35191D61.1] [rspamd] timeout
Mar 12 02:10:51 haraka haraka[32069]: [ERROR] [DC89F14A-F02E-495A-9361-37CE1DD12554.1] [rspamd] timeout
Mar 12 02:12:14 haraka haraka[32069]: [ERROR] [717644E9-4D9B-4697-9E94-A81E3DC1C499.1] [rspamd] timeout

Steps to reproduce

system info

See #5

Expected behavior

Haraka communicating with rspamd

Observed behavior

Haraka logs:

[ERROR] [914FC75D-443E-4D36-827B-3D6BCB27FE47.1] [rspamd] socket hang up

Rspamd logs:

2018-03-29 13:22:08 #7(rspamd_proxy) <ca76b5>; proxy; proxy_accept_socket: accepted milter connection from 172.19.1.28 port 47194
2018-03-29 13:22:08 #7(rspamd_proxy) <ca76b5>; proxy; proxy_milter_error_handler: abnormally closing milter connection from: 172.19.1.28, error: Command length is too big: 1347375955

Steps to reproduce

Install rspamd plugin and wait for inbound mail.

Would it be possible to have a reject.local_ip option? This would be useful if running a webmail on the same server/IP as Haraka and with non trusted webmail users.

This plugin should provide the ability to use headers set by other plugins in the request to Rspamd. I suppose the way to do this is probably by nesting something in connection.transaction.notes.

Use-cases:

• Providing custom settings for Rspamd scan
• Using precomputed results for redundant checks with the http_headers module.
• Overriding the IP sent to Rspamd if need be
• Other?

system info

Expected behavior

Inbound mail gets piped to rspamd, rspamd processes the mail, and reports it back to Haraka

Observed behavior

[INFO] [10CB0DC5-76EA-415E-899B-5904750B604F.1] [core]  hook=rcpt plugin=rcpt_to.alias_forward function=alias_forword params=<[email protected]> retval=OK msg=""
[NOTICE] [10CB0DC5-76EA-415E-899B-5904750B604F.1] [core] recipient <[email protected]> code=OK msg="" [email protected]
[CRIT] [10CB0DC5-76EA-415E-899B-5904750B604F.1] [core] Plugin rspamd failed: Error: Cannot pipe while currently piping
    at MessageStream.pipe (/home/node/.npm-global/lib/node_modules/Haraka/messagestream.js:324:19)
    at Plugin.exports.hook_data_post (/home/node/.npm-global/lib/node_modules/Haraka/node_modules/haraka-plugin-rspamd/index.js:163:43)
    at Object.plugins.run_next_hook (/home/node/.npm-global/lib/node_modules/Haraka/plugins.js:505:28)
    at Object.plugins.run_hooks (/home/node/.npm-global/lib/node_modules/Haraka/plugins.js:422:13)
    at MessageStream.end_callback (/home/node/.npm-global/lib/node_modules/Haraka/connection.js:1605:21)
    at MessageStream._write (/home/node/.npm-global/lib/node_modules/Haraka/messagestream.js:137:41)
    at ChunkEmitter.<anonymous> (/home/node/.npm-global/lib/node_modules/Haraka/messagestream.js:63:22)
    at ChunkEmitter.emit (events.js:180:13)
    at ChunkEmitter.end (/home/node/.npm-global/lib/node_modules/Haraka/chunkemitter.js:58:18)
    at MessageStream.add_line_end (/home/node/.npm-global/lib/node_modules/Haraka/messagestream.js:114:28)
[NOTICE] [17C9FE55-F6E7-4220-A565-84190D48522E.1] [core] message mid=<[email protected]><[email protected]>

<[email protected]>
 size=957 rcpts=1/0/0 delay=0.012 code=CONT msg=""
[NOTICE] [17C9FE55-F6E7-4220-A565-84190D48522E.1] [core] queue code=CONT msg=" (17C9FE55-F6E7-4220-A565-84190D48522E.1)"
[CRIT] [-] [core] Error: connect ECONNREFUSED 172.19.1.29:11333
[CRIT] [-] [core]     at TCPConnectWrap.afterConnect [as oncomplete] (net.js:1173:14)
[NOTICE] [-] [core] Shutting down

and haraka crashing after that
(please ignore any domains in this error log, it was pasted together from two subsequent crashes, maybe the domains do not fit together. However, the log is the same)

Steps to reproduce

Install Haraka with the following plugins enabled (in this order):

• tls
• auth/flat_file
• rcpt_to.alias_forward
• rspamd
• queue/discard

Rspamd is on another host (speak: docker container) with the following config:

host = rspamd_app_1
port = 11333
add_headers = sometimes

[dkim]
enabled = true

[header]
bar = X-Rspamd-Bar
report = X-Rspamd-Report
score = X-Rspamd-Score

[check]
authenticated=false
private_ip=false

[reject]
message = Detected as spam
authenticated=false
spam = true

[rmilter_headers]
enabled = true

[spambar]
positive = +
negative = -
neutral = o

Wait until Haraka gets an inbound mail to process.

system info

Expected behavior

Scanning a spam message through rspamd's "scan" tab on its web interface reports a RSPAMD_URIBL symbol (with weight of 4.5).
I would expect incoming mail to also be tested on this, so it could be rejected. Here's the full list from the scan result:

ABUSE_SURBL (5.5)
RSPAMD_URIBL (4.5) 
HTML_SHORT_LINK_IMG_1 (2)
RBL_MAILSPIKE_WORST (2)
FROM_EXCESS_BASE64 (1.5)
SUBJECT_HAS_CURRENCY (1)
MIME_HTML_ONLY (0.2)
BAD_REP_POLICIES (0.1)
RCVD_NO_TLS_LAST (0.1)

Observed behavior

This RSPAMD_URIBL test is not applied to actual, incoming mail (it is not added to the X-Rspamd-Report header, its value is not added to the score.) This allows the spam to be accepted.

Here's the header of the actual received mail:

X-Rspamd-Bar: ++++++++++++
X-Rspamd-Report: ABUSE_SURBL(5.5) FROM_EXCESS_BASE64(1.5) HTML_SHORT_LINK_IMG_1(2) RBL_MAILSPIKE_WORST(2) BAD_REP_POLICIES(0.1) SUBJECT_HAS_CURRENCY(1) MIME_HTML_ONLY(0.2) FORGED_SENDER(0.3) RCVD_NO_TLS_LAST(0.1)
X-Rspamd-Score: 12.699999

Steps to reproduce

Test incoming spam messages?
Do I have to enable this test somewhere?

The devDependency eslint was updated from 5.16.0 to 6.0.0.

🚨 View failing branch.

This version is covered by your current version range and after updating it in your project the build failed.

eslint is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.

Your Greenkeeper Bot 🌴

system info

Please report your OS, Node version, and Haraka version by running this shell script on your Haraka server and replacing this section with the output.

Expected behavior

No CRIT error even when a header field is malformed.

Observed behavior

It seems that the plugin fails with a CRIT error whenever the From header field contains an invalid character. Very rare occurrence though, as this is pretty uncommon.

[CRIT] [B3DF23E0-4B6C-4DFC-82FD-8196EF016B95.1] [core] Plugin rspamd failed: TypeError [ERR_INVALID_CHAR]: Invalid character in header content ["From"]

Steps to reproduce

Send an email with an invalid character in the From header. But to be honest I haven't been able to find what's considered invalid. Suggestions are welcome!